Vulnerability Description
A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function ogs_sbi_subscription_data_add/ogs_sbi_nf_service_add in the library /lib/sbi/context.c of the component NRF. Executing a manipulation can lead to denial of service. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. This patch is called 819db11a08b9736a3576c4f99ceb28f7eb99523a. A patch should be applied to remediate this issue.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Open5Gs | Open5Gs | <= 2.7.7 |
Related Weaknesses (CWE)
References
- https://github.com/open5gs/open5gs/Product
- https://github.com/open5gs/open5gs/commit/819db11a08b9736a3576c4f99ceb28f7eb9952Patch
- https://github.com/open5gs/open5gs/issues/4465ExploitIssue Tracking
- https://github.com/open5gs/open5gs/issues/4466ExploitIssue Tracking
- https://github.com/open5gs/open5gs/pull/4534Issue TrackingPatch
- https://vuldb.com/submit/817029Third Party AdvisoryVDB Entry
- https://vuldb.com/submit/817030Third Party AdvisoryVDB Entry
- https://vuldb.com/vuln/364331Third Party AdvisoryVDB Entry
- https://vuldb.com/vuln/364331/ctiPermissions RequiredVDB Entry
FAQ
What is CVE-2026-8744?
CVE-2026-8744 is a vulnerability with a CVSS score of 4.3 (MEDIUM). A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function ogs_sbi_subscription_data_add/ogs_sbi_nf_service_add in the library /lib/sbi/context.c of the component NRF. Executing a...
How severe is CVE-2026-8744?
CVE-2026-8744 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-8744?
Check the references section above for vendor advisories and patch information. Affected products include: Open5Gs Open5Gs.